2026 - Page 2728 of 7468

Debian 12 — libssh2 — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libssh2 — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1782 CVE-2016-0787 CVE-2019-13115 CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858  +7 more Upstream summary: The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service […]

Read more
Debian 13 — onevpl-intel-gpu — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — onevpl-intel-gpu — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-22656 CVE-2023-45221 CVE-2023-47169 CVE-2023-47282 CVE-2023-48368 CVE-2023-48727 CVE-2024-21783 CVE-2024-21808  +2 more Upstream summary: Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow […]

Read more
Debian 11 — php-letodms-core — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — php-letodms-core — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-4570 Upstream summary: SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Table of contents […]

Read more
Debian 12 — pupnp-1.8 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pupnp-1.8 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-12695 CVE-2020-13848 CVE-2021-28302 CVE-2021-29462 Upstream summary: The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on […]

Read more
Debian 12 — rust-shlex — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rust-shlex — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-58266 Upstream summary: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. Table of […]

Read more
Debian 13 — gtk-vnc — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — gtk-vnc — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000044 CVE-2017-5884 CVE-2017-5885 Upstream summary: gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering Table of contents […]

Read more
Debian 11 — libotr — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libotr — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3461 CVE-2016-2851 Upstream summary: The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 […]

Read more
Debian 12 — golang-github-ulikunitz-xz — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — golang-github-ulikunitz-xz — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-29482 CVE-2025-58058 Upstream summary: xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz […]

Read more
Debian 11 — kcron — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — kcron — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-24986 Upstream summary: KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be […]

Read more
CHAT